Risk assessments metrics and frameworks
- October 02, 2012
Security expert Jayson E. Street explains why security pros must learn to communicate effectively to gain trust from management and empower employees.
- October 01, 2012
Pen testers often focus on system errors and application flaws, but employees are often an enterprise's greatest weakness, explains Chris Nickerson.
- September 12, 2012
After a year researching and implementing new advanced persistent threat protection tactics, the telco giant has put several new defenses in place.
- September 11, 2012
To get executive buy-in, the retailer's risk management program architect had to define success and make sure everyone could speak the same language.
- September 02, 2012
Security expert Marcus Ranum goes one-on-one with Alex Hutton about the problems with security metric efforts.
- July 25, 2012
The analysis environment aims to provide free access to millions of malware samples, according to Rodrigo Branco, who is unveiling the system at Black Hat 2012.
- July 23, 2012
Sean Barnum of MITRE will describe Structured Threat Information eXpression (STIX), a new cyberthreat intelligence system for incident response teams.
- June 21, 2012
U.K. companies are preparing to manage their security during the Olympics. Would your security contingency plan hold up to such a disruptive event?
- May 29, 2012
McAfee says organizations must juggle visibility, system complexity challenges when balancing compliance-driven priorities with the threat landscape.
- April 25, 2012
The Black Hole Exploit toolkit is behind the bulk of the HTML and Java exploits, according to version 12 of the Microsoft Security Intelligence Report.
- April 19, 2012
Luminary Dan Geer says IT infrastructure risk can be reduced by boosting Internet resiliency and by planning backup processes should the Net go down.
- April 12, 2012
How would you define a security threat? The correct answer could score the funding you need for your next security project.
- April 04, 2012
Blunt experts at InfoSec World said enterprise IT security strategy often misses the mark, but some attendees suggested the experts are out of touch.
- April 02, 2012
A security expert warns organizations against buying the latest and greatest security technology and advocates for more effective pen testing at InfoSec World Conference and Expo 2012.
- March 06, 2012
Too often, organizations jam all their compliance tasks into the quarter when the audit is due. Read advice for reducing compliance fatigue.